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About this guide 


Welcome to Qualys Cloud Platform! We'll show you how to use the Qualys CMDB Sync 
Service Graph Connector App to synchronize Qualys IT asset discovery and classification 
with the ServiceNow Configuration Management Database (CMDB) system. 


About Qualys 


Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and 
compliance solutions. The Qualys Cloud Platform and its integrated apps help businesses 
simplify security operations and lower the cost of compliance by delivering critical 
security intelligence on demand and automating the full spectrum of auditing, 
compliance and protection for IT systems and web applications. 


Founded in 1999, Qualys has established strategic partnerships with leading managed 
service providers and consulting organizations including Accenture, BT, Cognizant 
Technology Solutions, Deutsche Telekom, Fujitsu, HCL, HP Enterprise, IBM, Infosys, NTT, 
Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a 
founding member of the Cloud Security Alliance (CSA). For more information, please visit 
www.qualys.com 


Qualys Support 


Qualys 1s committed to providing you with the most thorough support. Through online 
documentation, telephone help, and direct email support, Qualys ensures that your 
questions will be answered in the fastest time possible. We support you 7 days a week, 
24 hours a day. Access support information at www.qualys.com/support/ 
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Welcome to Qualys CMDB Sync Service Graph 
Connector 


The Qualys CMDB Sync Service Graph Connector App for Configuration Management 
Database (CMDB) automatically synchronizes comprehensive information about your 
global IT resources that are continuously monitored by Qualys Asset Inventory. This 
leverages Qualys' highly distributed and scalable cloud platform, and various data 
collection tools, including Qualys groundbreaking Cloud Agents, to compile and 
continually update a full inventory of your IT assets everywhere: on premises, in elastic 
clouds and mobile endpoints. 


The Qualys CMDB Sync Service Graph Connector App is intended for Service Now 
Orlando Version. 


Key Features 


- Asset information is automatically enriched with additional context such as lifecycle 
date and support stage, license category 


- For assets that already exist in both, asset metadata can be synchronized 

- Optionally, asset information 1s staged for user approval before being written to CMDB 
- Support for multiple Qualys accounts/API sources 

- Synchronization schedules can be configured and saved 

- Preconfigured reports 


- Preconfigured CI Class Manager that pre-populates the source-destination field 
mappings and also allows you to create your own mappings for CI Class. 


What's New 


Here's what's new in Qualys CMDB Sync Service Graph Connector 1.3.0! 


- The Software Catalog information gets synced separately. While with asset sync, only 
software installation details are synced. 


- When adding missing IPs to a Qualys subscription, you can now create and apply Asset 
Group and Tags based upon the information in ServiceNow. 


- A few enhancements and bug fixes. 


Pre-requisites 


You must have a valid Qualys Account subscription with API Access and access to 
following modules: 


- Qualys Subscription with Global IT Asset Inventory (Qualys to ServiceNow Sync) 
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- Asset Inventory CMDB Sync enabled within your Qualys subscription (Qualys to 
ServiceNow Sync) 


- Vulnerability Management (ServiceNow to Qualys Sync) 


- The user's role must have the "Update Asset" permission for the CSAM module. 
(ServiceNow to Qualys Sync - Business Information Sync) 


Pre-requisite Plugins 
The following plugins must be installed before you proceed with the installation. 


- Identification Engine uses the "Configuration Management for Scoped Apps" plugin 
(com.snc.cmdb.scope) which must be installed before you start using the app. Refer to the 
ServiceNow documentation for detailed installation steps. 


- The Qualys CMDB Sync Service Graph Connector App uses Integration Commons for 
CMDPB'(sn cmdb int util) plugin which must be installed before using the app. The plugin 
is used for transforming clean values into CMDB. 


- sn cmdb ci class - CMDB CI Class Models: H/W Devices Mapping 
Note: For plugins listed below, you may require hi-ticket from ServiceNow. 
- sn itom pattern - Discovery and Service Mapping Patterns: Cloud Data 


- com.snc.discovery.core - Discovery Core - you may require hi-ticket from ServiceNow for 
this plugin. 
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Get Started 


Here we'll help you with the initial configuration and setup needed to get started. 


Quick Steps 
Install the App - You'll get the app from the ServiceNow app store. 


Add API Source - Provide the API Source details and use Test Connection to know if the 
connection between ServiceNow and the defined source is working fine. 


Create Schedules - Provide details to create a schedule. Once a schedule is successfully 
created, the sync between the source and CMDB gets working as per the schedule. 


Update Properties - The Properties have pre-defined values, however you can always 
update a property to better suit your needs. 


Install the App 


Visit the ServiceNow Online Store. 


Search for Qualys CMDB Sync Service Graph Connector App, and click Contact Seller. Your 
Technical Account Manager (TAM) will contact you, and then ServiceNow provisions the 
app into an instance of your choice. The app then appears in the "Downloads" list of your 
instance. Click "Install" to start using the app. 


In the Search field, type Qualys CMDB, and then select Qualys CMDB Sync Service Graph 
Connector App from the left pane. After you are done, new module appears in your 
ServiceNow instance that looks like this: 


servicen W Service Management © ME. Q EY ® & 
Filter navigator + System Administration v & G 


yr © System Administration 


Qualys CMDB Sync Service Graph Connector Guided Setup System Security 
( onito 


Guided Setup tools to help you set up ServiceNow kh onfigure and monitor Instance security settings 


Business Logic 
M rkflow and behavior of applications 


Overview 


Y Configuration 


Create and Deploy muu Data Management Diagnostics 

Create, modify and deploy applications to your instances Manage the way data is stored and displayed M Performance, development and debugging tools 
API Sources uag 

mus = 

Schedules 

Email ... Homepages Integration 

Customize behavior of inbound and outbound emai Configure homepages for Service Desk and Self Service users Integrate with 3rd-party systems and data sources 
Sync Queue 

Reporting and Analytics User Administration User Interface 
Approve Qualys Assets Create visual represe ons o t A id 9 Manage users, groups and their roles Lx Control the look and feel of applications 


Failed Qualys Assets 


V Advanced 


App Scheduled Jobs 


Transform Map 


Computer CI Class Mappings 


Qualys Category - Hardware De... 


Y Support 


© 
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Add API Source 


Once you install the Qualys App, you need to add the API source. Go to Qualys CMDB Sync 
Service Graph Connector App > Configuration > API Sources, and click New. 


¿ ES Quah API Credentials & = eoo | Submit Test Connection 
Ae Name Sample Source Active v 
Ae POD Qualys India Platform 1 a i) Created 
A Username Jdoe Updated 
3k Password LT Qualys to ServiceMNow Sync 
Count 
Enabi to ServiceMow v 
Enable Qualys to ida M Seq du ual Ee 
a Count 
Enable 5erviceNow to Qualys 
Sync? 
Validation Hot Validated 


Enter required details to create the source: 
Name - Provide a name for the API source. 
POD - Click and select the valid Qualys POD. 


Username and Password - Enter valid Qualys Cloud Platform credentials with API access 
enabled for the account on the selected POD. 


Enable Qualys to ServiceNow Sync and Enable ServiceNow to Qualys Sync - Select these 
options to allow uninterrupted sync between Qualys and ServiceNow. 


Validation -Reflects the status of usage of Test Connection button. When you create a 
new API source, the field 1s automatically set to Not Validated, by default indicating the 
API source is not yet tested. Once you click Test Connection (after completion of API 
source creation) the value changes to validated or validation failed depending on the test 
result. 


Note: The Validation field is auto-populated and is not editable. 


Active - Select this option to tell us the source is active and assets should be synced from 
the active source. In case of multiple sources, you can use this option to activate or 
deactivate a source. 


Sync Software Catalog 


Using Sync Software Catalog option, you can sync the software-related information 
separately. It can sync all the software information into Qualys App OOB tables or CMDB 
tables. You can see the two checkboxes 1) Sync Software Catalog ii) Sync Software Catalog 
to CMDB. 


By default, these checkboxes are disabled. Enable these checkboxes to sync the software 
catalog data to the CMDB tables. 
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Sync Software Catalog Sync Asset Tag/ Asset Group 


Sync Software Last Sync Timestamp 2022-01-23 16:32:08 
Catalog 


To enable software catalog sync, check the "Sync Software Catalog" checkbox. | ae — 
ey 


Software catalog data will be added in staging tables. 


Sync Notes Sync: Completed Successfully at 
Sync Software VW 2022-01-24 00:32:08 
Catalog to CMDB 


To sync software catalog data to CMDB, check the "Sync Software Catalog to CMDB" 
checkbox. 


Update Test Connection Delete 


If you enable the Sync Software Catalog checkbox, software catalog data can added in 
staging tables. Disable this checkbox if you don't want to sync software catalog data to the 
staging tables. 


If you enable the Sync Software Catalog to CMDB checkbox, it can sync software catalog 
data to the CMDB Software Package table. Disable this checkbox if you don't want to sync 
data directly to the CMDB tables.. 


Click Submit to create the API source. 


Then, after configuring and saving the API source, choose the record you just created from 
the API source list, open the record and click Test Connection. 


Add Custom Pod (PCP) 


Qualys provides you with pre-defined pod details for Qualys platforms. If you are a PCP 
user, we also give you the option to create and add details of your PCP environment. 


Here are the steps to add new POD entry/PCP URLs: 


1. Go to Qualys CMDB Sync Service Graph Connector App > Configuration > API Sources, 
and click New. 


a 
2. Click the search icon in the POD field. 


æ POD Qualys US Platform 3 (i) 


The list of PODs - ‘Qualys PODs' table is displayed. 
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3. Click New to add POD information. 


= Qualys PODs Lee] Search POD ¥ Search 


O =pop À 


1 toBofa 


Search 
Qualys Canada Platform 


Qualys EU Platform ] 
4. Provide the following information and save the custom record. 
a. POD: Name for the custom POD record 


b. Server: Click the | & | unlock icon to provide the Server URL. 
c. Asset Inventory Server: Click the unlock icon to provide the Qualys API Gateway URL. 


The Qualys API URL you should use for Server and Asset Inventory Server fields depends 
on the Qualys platform where your account is located. For more information on Qualys 
platform URLs, see Qualys Platforms. 


— Qualys POD -— - 
€ = Newrecord © —+ ooo Submit 


POD | My PCP Pod 


Server <Qualys API Server URL > & 
Asset Inventory «Qualys API Gateway URL > & 
Server 


Submit 


Create Schedules 


You need to set up at least one schedule. You may eventually want many more. Once a 
schedule is successfully created, the sync between the source and CMDB gets working as 
per the defined schedule. 
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Qualys to ServiceNow Scheduling 


Go to Qualys CMDB Sync Service Graph Connector App » Schedules and select "Qualys to 
ServiceNow” for Sync Direction. 


= Schedules 


€ | ZZ New record 
Mame Demo Schedule Run Periodically T 
Active d Starting 2020-04-16 01:25:39 1 
sk AFI Source us a || © Æ Repeat Interval Days 00 Hours | 00 00 00 
Ak Sync Direction Qualys to &erviceMow T Last Run Timestamp mul 
Download Assets Since 2070-04-16 01:25:38 aH Last Fetched Host ld 
API Filter operatingsystem category: "Linux" 


Auto Approve 
Qualys to ServiceNow Sync | Meta Info 
Sync Ports Info w^ 
Sync Volumes Info w^ 
Sync Network Interfaces Info wf 


5ync Software Info ball 


Enter required details to configure the schedule: 
Name - Provide a unique name for your schedule that helps you identify your schedule. 


Active - Select to enable and activate the schedule you create. If you want to activate a 
schedule sometime later, you can disable this checkbox. 


API Source - Select the API Source. 
Sync Direction - Select Qualys to ServiceNow. 


Download Assets Since: Define the date and time to sync assets from Qualys to 
ServiceNow. The schedules will download the assets after the defined time. The number of 
assets to be downloaded depends on the Size of Download batch property. For more 
information on changing the number of assets to be downloaded, refer to the Update 
Properties section. 


API Filter: Use search tokens to filter the assets as per the requirement. 
Example: operatingSystem.category1: Linux 
This token will list all the assets with the Linux operating system. 


Click here for help on using the search tokens. 
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Run, Starting, Repeat Interval - Tell us the frequency of the schedule to be executed. For 
example, you could schedule it periodically every 15 minutes. 


Auto Approve - Select this to enable auto-approval of assets. This will save the effort of 
manually approving the assets to be staged on the production tables. 


Qualys to ServiceNow Sync - Select the information we should fetch for each asset: Sync 
Ports Info, Sync Volumes Info, Sync Network Interfaces Info, Sync Software Info. 


For initial sync from Qualys to ServiceNow, we recommend that you plan your schedules 
at an interval of every ten minutes. 


Once you configure your selections, click Submit to create the schedule. 


Note: The Meta Info fields and few other blank fields such as Last Run Timestamp, Last 
Fetched Host Id are populated with information only after the schedule is executed. 
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ServiceNow to Qualys Scheduling 


Go to Qualys CMDB Sync Service Graph Connector App » Schedules and select 
"ServiceNow to Qualys” for Sync Direction. 


Em OEE 


^ 
M 


Name Demo Schedule Run Periodically v 
Active Y Starting 2021-06-28 21:59:49 
»K APISource | QAPODOI quays cf2 Q © Æ Repeat Interval Days 00 
Last Run Timestamp 


ServiceNow to Qualys Sync Meta Info 


Asset Scope 


Table | Computer [cmdb ci computer] v 


Query Add Filter Condition Add "OR" Clause 


-- choose field -- v -- Oper -- -- value -- 


If CI is already present in Qualys 


Sync Business Y 
Information to 


Qualys 


Asset Metadata 4 


Attributes 
last_updated, department, location, company, owned_by, status, support_group, managed_by, ip_address, environment, 


created, supported_by 
Business Application Services (cmdb_ci_service) v 
Table 


Business Application a 


Attributes 
last_updated, operational_status, support_group, supported_by, owned_by, used_for, business_criticality, status, created, 


managed_by, environment 


Business Services 2021-06-28 23:42:00 
Sync Last RunTime 


If Cl is NOT present in Qualys 


Æ Tracking IP v 
method 
Assign Tag/Group a 
Qualys Asset Group a 


Enable VM? Y 


Enable PC? 
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Enter required details to configure the schedule: 


Name Demo Schedule Run Periodically v 
Active vV Starting 2021-06-28 21:59:49 
>K API Source QA PODO1 quays_cf2 a. 0 Æ Repeat Interval Days 10 
>K Sync Direction ServiceNow to Qualys v Hours 2 25 45 


Last Run Timestamp 2021-06-29 00:58:31 


Name - Provide a unique name for your schedule that helps you identify your schedule. 


Active - Select to enable and activate the schedule you create. If you want to activate a 
schedule sometime later, you can disable this option. 


API Source - Select the API source. 
Sync Direction - Select ServiceNow to Qualys. 


Run, Starting, Repeat Interval - Tell us the frequency of the schedule to be executed. For 
example, we could configure to execute schedule only on-demand. 


ServiceNow to Qualys Sync - You can sync the IPs and Asset Metadata from ServiceNow 
to Qualys. 


For initial sync from ServiceNow to Qualys, we recommend that you plan your schedules 
at an interval of every ten minutes. 


Asset Scope: - Define the scope of assets to be synced. 


Asset Scope 


Table Computer [cmdb ci computer] v 


Query Add Filter Condition Add "OR" Clause 


-- choose field -- v -- oper -- -- value -- 


The Table and Query components allow you to select the asset metadata table as per 
your requirement. 


Filter the query by choosing from the default fields to sync asset metadata to Qualys. 
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If CI is already present in Qualys 


Configuration Item (CI) includes the base configuration for all the assets in the CMDB 
table. 


If Cl is already present in Qualys 


Sync Business Y 
Information to 
Qualys 


Asset Metadata Q 
Attributes 
company, created, department, environment, ip_address, last_updated, location, managed_by, owned_by, status, 
supported_by, support_group 


Business Application Services (cmdb ci service) v 
Table 


Business Application à 
Attributes 
business criticality, created, environment, last updated, managed by, operational status, owned by, status, supported by, 
support group, used for 


Business Services 2021-06-28 23:42:00 
Sync Last RunTime 


You can sync business information along with asset metadata to Qualys then enable the 
Sync Business Information to Qualys checkbox. 


Note: If you do not enable the checkbox then the asset metadata will not get synced. Only 
the asset with new IP addresses will get synced to Qualys. 


Asset Metadata Attributes: Unlock the Asset Metadata Attributes option by clicking the 
unlock button | & | » Click Add/Remove multiple option. 


Asset Metadata company 
Attributes created 

department 
environment 
ip address 
last updated V 
location : 
managed by 
owned by 
status : 


A new pop-up window appears, and you can select the attributes from the list. Use Add 
Filter and Run Filter options to isolate the records » click Save » Click the lock button to 
lock your selected attributes. 


Edit Members x 
Add Filter | Runfilter ®© 


— choose field — v — oper — v -- value -- 


Collection List 
Q 1 


businessApp.Name company 

created 
department 
environment 
ip address 
last updated 
location 

? managed by 
owned by 

< status 
supported_by 
support_group 


Cancel Save 
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All of the selected attributes from the list can sync asset metadata from ServiceNow to 


Qualys. 


Appendix to view the mapping of the fields for asset and business application metadata. 


Business Application Table: All of the selected table for business applications or services 


can get synced from ServiceNow to Qualys. 


- Business applications: Use to sync the CMDB configuration item application data. 


Searc for text v 


Business Applications [Business Application ReadOnly view] m Search for text v 
Y all 


& Q 


= Name = Description = Business process = Application type = Architecture type = Install type = Status 


Search Search Search Search Search Search Search 


In 


KnowBe4 . 
Production 


KnowBe4 (empty) 


() 


Services: Use to sync the CMDB configuration item services data. 


= Services New O NA Search for text Y | Search 
Y All» Name = Campaign Management 
17 Q = Name = Business criticality = Environment = Managed by = Support group = Supported by 
=Campaign ! Search Search Search Search Search 
(i) mt 2 - somewhat critical Development Patty Esposito Application Security Victor Johansson 


Searc. for text 


v 


= Technology stack 


Search 


z Owned by 


Search 


Sean Adams 


Sear« for text 


= User base 


Search 


zz Location 


Search 


San Diego 


Business Application Attributes: Unlock the Business Application Attributes option by 


clicking the unlock button | 4 | > Click Add/Remove multiple option. 


business criticality 
created 
environment 
managed by 
operational status 
owned by 

status 
supported by 


Business Application 
Attributes 


A new pop-up window appears, and you can select the attributes from the list. Use Add 
Filter and Run Filter options to isolate the records » click Save » Click the lock button to 


lock your selected attributes. 


All of the selected attributes for the business applications or services can get synced from 


ServiceNow to Qualys. 
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Edit Members 


Add Filter ^ Runfilter ®© 


— choose field -- v -- oper — vi -- value -- 


Collection List 
a 1 


last_updated business_criticality 

created 
environment 
managed by 
operational status 
owned by 
status 

? supported by 
support group 

< used_for 


Cancel 


Note: For Business Metadata sync, if CI is present in Qualys, then it must be synced into 
ServiceNow and transformed to CMDB tables at least once. That CI will be associated 
with a Qualys Asset ID, and it will be used to sync Business Metadata from ServiceNow to 
Qualys. 


Note: For Asset Metadata and Business Applications, created' and last updated' fields are 
mandatory for asset metadata sync and should not be removed; if these fields are 
removed, API calls to sync data will fail. 


If CI is NOT present in Qualys 


If CI configuration does not exist in the Qualys configuration environment then you will 
get only IPs from ServiceNow to Qualys. 


If Cl is NOT present in Qualys 


Æ Tracking NETBIOS v 
method 


| Only NETWORK_RANGE tags are available. | 


Assign Tag/Group Dynamic Asset Group v 


For Dynamic Asset Tag 


Dynamic Asset Group ent] Assets' string 
will be evaluated to app Dynamic Asset Tag 


Static Asset Group 
Static Asset Tag 


Asset Group Name 


Show available fields/columns 


Enable VM? Y 


This needs to be enabled else synced assets wont be scanned by Qualys. 


EnablePC? Y 


Tracking Method - Choose the tracking method from IP, DNS, or NETBIOS for assets when 
syncing from ServiceNow to Qualys. 


Assign Tag/Group (Optional) - We modified this functionality by adding a dropdown that 
includes Dynamic Asset Group, Dynamic Asset Tag, Static Asset Group, and Static Asset 
Tag. 
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When you select Dynamic Asset Group from the dropdown, an empty text box appears, 
which you can use to create the asset group on the runtime to sync the assets or CI with 
the Qualys. 


When you select the Dynamic Asset Tag, an empty text box appears, which you can use to 
create a dynamic asset tag on the runtime to sync the assets or CI with the Qualys. 


- To create the dynamic asset group name or tag name, a plain string and attributes name 
can be used. The attribute name can be used in format $[attribute name) e.g., 
${environment} 


You can use the Show available fields/columns option to add the attributes from the 
target table. It is a read-only list of available attributes from the target table, where you 
can copy the available attributes and paste them into the dynamic group or tag name field 
using the format $(attribute name] 


If Cl is NOT present in Qualys 


Æ Tracking IP v 
method 


| Only NETWORK RANGE tags are available. | 


Assign Tag/Group Dynamic Asset Group Available Fields v 

asset 

For Dynamic Asset Tag/Group Name, use the following syn| asset tag "the attribute. For e.g. 'All $ [environment] Assets' string 

will be evaluated to apply tag name 'All. Production Asset: she " 
assignment group 
attestation score 

AssetGroup Name | | sitecied 
attested by 
attested date 
attributes 
can print 
category Show available fields/columns 
cd rom i 
cd_speed IW, / 
Enable VM? v change control TE i 
las: 


checked - 
This needs to be enabled else synced assets wont be scan” checked out 
cmdb ot entity 
its 


commer 
Enable PC? company 


- [f the dynamic tag name or group name 1s already present in staging tables, 1.e., 

x qual5 itam, nwapp qualys asset groups or x qual5 itam nwapp qualys asset tags - 
in that case, the Service graph connector will not initiate to create a call for another 
duplicate group or tag name. Instead, it will fetch and use the tag 1d or group 1d of the 
existing tag/group from staging tables. 


When you select Static Asset Group, an empty text box appears, which you can use to 
search and enter the existing qualys asset group. Click the Search button to select the 
qualys asset group from the list. 


When you select Static Asset Tag, an empty text box appears, which you can use to search 
and enter the existing qualys asset tag. Click the Search button to select the qualys asset 
tag from the list. 


A Static Asset Tag or Static Asset Group. The "Static Asset Tag" or "Static Asset Group" box 
will assign that tag in Qualys Cloud Platform to any assets synced from ServiceNow. 


Note: The Asset Tags that belong to only the NETWORK, RANGE type are populated. All 
other asset tags are ignored. 


We also highly recommend adding filter conditions (at minimum IP Address) to assets to 
be synced. When selecting a TABLE, ensure that the table has a column with the 
p. address" name; otherwise, the ServiceNow > Qualys sync may not function. 
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VM (Vulnerability Management) is enabled by default to scan the assets you sync. We 
recommend that you do not disable this option. It is optional to enable PC (Policy 
Compliance). 


Once you configure your selections, click Submit to create the schedule. 


Note: The Meta Info fields and few other blank fields such as Last Run Timestamp are 
populated with information only after the schedule is executed. 


Dynamic Asset Tagging Configuration 


We've added a new dynamic asset tagging configuration feature that allows you to 
automatically create and maintain tags based on CMDB business information (Status, 
Organization, Environment, Business Criticality, Business Application Attributes) and use 
them across all Qualys solutions/apps for VMDR prioritization, asset scoping, and 
organizing vulnerability scans and reports. 


== Dynamic Tagging Configuration == 
< - Created 2021-08-12 06:09:17 4 + 000 Save 


Enable Dynamic Y 
Tagging 


You can either select the existing tag as a parent tag for creating dynamic tags for the business metadata. If a parent tag doesn't exist in the Qualys Subscription, the 
application will create a new static tag with the same name. 


Use Parent Tag Y 


»K Parent Tag Create New Tag v 
Creation 


> EnterParentTag ^ gw test 


Name 
Save 


= Attribute List for Taggings Search Attribute Attribute Name Y | Search 1 to6of6 E 


p Y Tagging Configuration record = d4c6a7a31b713090af808773604bcb6e 


208 a = Attribute Name z Active = Parent Tag Name = Selected Parent Tag = Tag Prefix Value = Sample Tag Name 
© department true (empty) 
@ status true (empty) 
© environment true o (empty) 
(i) support group true (empty) 
(i) company true (empty) 
O businessApp.Name true (empty) 


1 to6of6 


Actions on selected rows... v 


Enter required details to configure the dynamic asset tagging: 


Enable Dynamic Tagging - Select the checkbox to enable the dynamic tagging 
configuration. 


Once you enable the dynamic tagging configuration, a new option, Use Parent Tag will 
appear, and it will help you to set the Parent Tag. 
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Use Parent Tag - Select the checkbox to enable the options to create or use any existing 
tag. 


Note: If you don't enable the parent tag, then the dynamic tag will be created without any 
hierarchy. 


Parent Tag Creation - Use this option to create a new tag or select any existing tag. 


Enter Parent Tag Name - Use this option to provide and set the name of your parent tag. 


== Dynamic Tagging Configuration T 
= Created 2021-08-12 Q4r99:17 4 = cco ET 


Enable Dynamic 
Tagging 


You can either select the existing tag as a parent tag for creating dynamic tags for the business metadata. If a parent tag doesn't exist in the Qualys Subscription, the 
application will create a new static tag with the same name. 


Use Parent Tag Y 


Æ Parent Tag Use Existing Tag Y 
à.” 


Creation 


>Æ Select Tag 


The Select Tag will appear on the page if you select the "Use Existing Tag" option from the 
Parent Tag Creation field. It will make it easier for you to choose the appropriate tag. 


Select Tag - Use this option to select an existing tag. Select any existing tag from the Asset 
Tag List by using the Search button. 


Note: You can select the existing tag as a parent tag to create dynamic tags for the 
business metadata. If a parent tag doesn't exist in the Qualys Subscription, the application 
will create a new static tag with the same name. 


Save - Click save to save your parent tag configuration. 
Once the tags for the attributes have created, the business metadata will get synced. 


When the business metadata get synced, Qualys automatically generates the tags for the 
asset's attributes in the backend. 


You can select or deselect attributes from the attribute list to create the tag according to 
your preferences. 


Note: If you don't want to tag to be created for any attribute, then make that attribute 
active false. 
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Attribute List for Tagging 


In the attribute list for tagging section, you can create and add the parent tag. 


= Attribute List for Tagging vo 
€ ZZ Created 2021-08-12 06:17:08 @ E ooo Update V 


Attribute department 


Active Y 


Create Parent Tag in the hierarchy to create the dynamic tag for the selected attribute. The parent Tag name will be similar to the attribute name for e.g. 'Department' 


Use Parent Tag [ } 
Tag Prefix 


Sample Tag Name 
- Finance 


Update 


Attribute - This field shows the attribute name and will be similar to the parent tag name 
e.g. Department 


Active - Select the checkbox to activate the dynamic tag for the by default selected 
attribute. 


= Attribute List for Tagging == 
< = Created 2021-08-12 06:17:08 © ¿+ oo Update V 


Attribute department 


Active Y 


Create Parent Tag in the hierarchy to create the dynamic tag for the selected attribute. The parent Tag name will be similar to the attribute name for e.g. 'Department' 


Use Parent Tag 


»K Parent Tag Type Select Existing Tag v 
»K Selected Parent a 
Tag 
Tag Prefix 


Sample Tag Name 
- Finance 


Update 
Use Parent Tag - Select the checkbox to appear the new options on the page - It will help 
you to create a new tag or select any existing parent tag. 
Parent Tag type - Use this option to create a new tag or select any existing parent tag. 


Selected Parent Tag - Use this option to select any existing parent tag. Use the Search 
button to find and select any existing parent tag from the Asset Tag List. 
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= Attribute List for Tagging =— 
< == Created 2021-08-12 06:17:08 © EE] Update y 
Attribute department 
Active Y 


Create Parent Tag in the hierarchy to create the dynamic tag for the selected attribute. The parent Tag name will be similar to the attribute name for e.g. 'Department' 


Use Parent Tag Y 


> Parent Tag Type Create New Tag v 


ls 
Name 
Tag Prefix 
Sample Tag Name 
- gw. test 
- Finance 


Update 


The Parent Tag Name will appear on the page if you select the "Create New Tag" option 
from the Parent Tag Type field. It will make it easier for you to give the appropriate name 
to your tag. 


Parent Tag Name - Use this option to provide and set the name of your parent tag. 


< E Attribute List for Tagging 
== Created 2021-08-12 06:17:08 


S 


LL 
— ooo 
— 


Update 


y 


Attribute 


Active 


department 


v 


Create Parent Tag in the hierarchy to create the dynamic tag for the selected attribute. The parent Tag name will be similar to the attribute name for e.g. 'Department' 


Use Parent Tag Y 
»K Parent Tag Type Create New Tag v 
»K ParentTag | gw test 


Name 


Tag Prefix 


>K Tag Prefix Value 1 


Sample Tag Name 


- gw test 
- Finance 


Update 


Once you enable the Tag Prefix checkbox then Tag Prefix Value text-box will appear on 
the page. 


Tag Prefix - Select the checkbox and enable the tag prefix to add a prefix to your tag. 
Tag Prefix Value - Use this field to enter your tag prefix value. 
The prefix will be appended to that specific attribute tag once you enter it. 


Sample Tag Name - This text box displays the details of your attribute tag. 
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Update - Click update to update your newly created parent tag attribute configuration. 


Business Criticality Mapping 


The mapping of business capabilities is an important step in calculating the Qualys Asset 
Criticality Score from App/Services Business Criticality. The business criticality mappings 
provide a connection between the Business Applications Criticality and the Qualys 
Criticality. 


E) Y All 7 total Business Criticality Mappings 
» 207 a = Business Application Table A = Qualys Asset Criticality Score = Source Criticality 
v Business Application Table: Business Applications (cmdb ci business app) (3) 

© Business Applications (cmdb ci business ... 5 High 

© Business Applications (cmdb ci business ... 2 Low 

© Business Applications (cmdb ci business ... 3 Medium 


+ Business Application Table: Services (cmdb ci service) (4) 


O Services (cmdb ci service) 5 1 - most critical 


Services (cmdb ci service) 2 4 - not critical 


O Services (cmdb ci service) 3 3 - less critical 


Services (cmdb ci service) 4 2 - somewhat critical 


The business criticality mapping will be used while creating the tags for the asset 
criticality score. Asset criticality will be mapped to Business Name tags only. 


For business applications records, we currently support two tables (Business Applications 
and Services). The criticality score field in both of these tables has a different value. Each 
application has a level of criticality, which must be synced to Qualys. You can see the 
Source Criticality (Low, Medium, High, etc.) and its Qualys Severity Values in numbers. You 
can add new mapping or update existing once as required. 


Note: Except for the business app.name, we do not create all the tags with criticality 
Scores. 
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Update Properties 


The Asset Sync Properties have pre-populated values. However, you can always change the 
values to suit your needs. To view the existing properties or update the values, go to 
Qualys CMDB Sync Service Graph Connector App » Configuration » Properties. 


© This record is in the Qualys CMDB Sync Service Graph Connector application, but Global is the current application. To edit this record click here. 


Qualys CMDB Sync Service Graph Connector Properties | save | 


Size of Download batch - This property defines the 'limit' for API calls in download type sync queue and Download processor will pick up only these many records from queue at a time to process. (7) 


v 


Size of Upload batch - This property defines the batch size for sync queue. Upload processor will pick up only these many records from queue ata time. (7) 


v 


Max Transaction Lifetime (in minutes) - Stop transaction after these many minutes. © 


vw 


API Timeout Setting (in milliseconds) - This property defines the API request timeout period in milliseconds.(1 minute=60000 milliseconds). (7) 


v 


Let's take a look at how each property functions. 
Size of Download batch - Configure two properties using this setting: 


- The maximum number of assets to be fetched in a single API request call made by the 
scheduler. 


- The maximum number of records to be fetched and processed at one go from the queue 
by the download processor. 


Size of Upload batch - Maximum number of records to be picked by the upload processor 
from the queue to be uploaded to Qualys. 


Max Transaction Lifetime (in minutes) - The Qualys App has time restrictions on 
schedule run time. Although by default the time restriction is set to 10 minutes, you can 
change the time restriction to any time between 10 and 60 minutes. If you configure the 
schedule time to 20 minutes, the schedule is stopped after 20 minutes. In such a case, 
next scheduled run will resume from where the earlier run was stopped. 


API Timeout Setting (in milliseconds) - The wait time (in milliseconds) for the response to 
the API request. 
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Customize Data List Columns 


We display few columns in the data lists. You can customize which columns appear and 
change the column sequence. We'll show you an example for adding the column "Qualys 
Asset Group to data lists. 


1) Click the icon in the main pane. The Personalize List Columns pop-up appears. 


Personalize List Columns 


Available Selected 
Application Mame 
Business Calendar Active 
Condition Class 
Conditional Updated 
Created 
Created by 
Day(run, dayofmonth) » JP 
Dayirun. dayoftweek] 
Display name 4 - 
Package 


Protection policy 
Repeat Interval 
Run 

Run as 

Run as tz 


Starting ud 


| Wrap column text Compact rows Active row highlighting 
x | Modern cell coloring 


a”) Enablelist edit — ^| Double click to edit 


2) The Available list includes columns that are currently hidden. From this list, select the 
column you want to display. For example, double-click the column "Qualys Asset Group” 
and you'll see it moved to the Selected list. 


3) Enable or disable other settings like Wrap column text, double click to edit, and so on. 


4) Click OK. 
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You'll start seeing the Qualys Asset Group column. We display values in this column when 
the tag 1s present in the XML. If for some interfaces, the Qualys Asset Group is not 
available (XML does not contain it OR it's empty), the value in the column will be empty. 


= SyncQueues MA Search  APIURL v | Search 1 to2of2 
Y All» Schedule Sys Id - SCHED-SN-TO-QG 
To; Q, = API URL = Request time = Response time = Processing Start = Processing Finish == Status = Processor GUID 
Search Search Search Search Search Search Search 
: 04-14 09:54 04-14 09:54 (empty) (empty) 
(i) https://qualysapi.qg2.apps.qualys.com/ap... tici edad am 1 Lime d Success 
z 04-14 09:54 04-14 09:54 (empty) (empty) 
(1)  https://qualysapi.qg2.apps.qualys.com/ap... ui pa cr E npty Success 
Actions on selected rows... |Y 1 to2of2 
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Syncing 


Start syncing your asset information between Qualys and ServiceNow CMDB. 


In Summary 


Sync Queue: This is where you Il see all jobs involved during the flow of assets between 
Qualys and ServiceNow. 


Approve Qualys Assets: This is where you Il see assets that need manual approval when 
auto-approval 1s not enabled. 


Failed Qualys Assets: This 1s where you'll see assets that failed to get transformed. 


Sync Queue 


The Sync Queue lists jobs of two types: Upload and Download. The Type column indicates 
the direction of the flow of assets. 


Download: Qualys to ServiceNow 


This shows the list of jobs run from Qualys to ServiceNow assets. The status indicates 
whether the application was able to parse the XML response successfully. The XML that 
was transferred is also available here (usually attached as response.xml). 


= Sync Queues | New | Search | API URL Y | Search 1 to3of3 
=> 100 total Sync Queues 
y Al ync Q 


b 203 a = API URL = Request time = Response time = Processing Start = Processing Finish = Status 
P Status: Processing (3) 
» Status: Queued (21) 


b Status: Success (76) 


Actions on selected rows... Y 1 to3of3 


Upload: ServiceNow to Qualys 


This is the list of assets to be synced from ServiceNow to Qualys Cloud Platform. Defining 
IP along with Asset Tag or Asset Group in Schedules will add two entries for an asset 
during upload: one for IP address and one for Asset Tag or Asset Group. 


= Sync Queues | New | Search API URL v Search 1 to20f2 
Y All» Schedule Sys Id - SCHED-SN-TO-QG 
fo; a = API URL = Request time = Response time = Processing Start = Processing Finish = Status = Processor GUID 


Search Search Search Search Search Search Search 


(i) — https://qualysapi.qg2.apps.qualys.com/ap... SEEE M (empty) (empty) Success 
(i)  https://qualysapi.qg2.apps.qualys.com/ap... BH 09:54 EM 09:54 (empty) (empty) Success 


Actions on selected rows... Y 1 to2of2 
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Approve Qualys Assets 


Assets imported from Qualys to ServiceNow will appear here for approval after successful 
processing in Sync Queue. If processing fails for any record in Sync Queue (status = Error), 
none of the host assets in that XML will be visible here. You'll need to approve each asset 
individually or one screen at a time. You will overwrite data in your CMDB when you 
approve the asset. 


= Qualys Assets m Search Qualys Asset Id Y | Search 1 to1000f1,803 » »p» 
All 
a = Qualys Asset Id = Name = IP Address = Hardware category = Hardware category 1 = Hardware category 2 = Target CI Class = Status = Configuration Item 
Search Search Search Search Search Search Search Search Search 

O 235407402 104.196.249.227 Virtualized / Cloud Instance Virtualized Cloud Instance cmdb_ci_computer Approved 
Networking Device / i : : € 

O 148894091 10.10.3.70 - Networking Device Bridges and Routers cmdb ci ip router Approved 
Bridges and Routers 
Network Security Devi 

O 131683884 1 10.10.30.150 ds seek van imd: Network Security Device Firewall Device cmdb ci firewall device Approved 
Firewall Device 

O 238387084 10.10.34.127 Networking Device / Switch Networking Device Switch cmdb ci ip switch Approved 10.10.34.127 
Networking Device / , = i - : 

O 131645322 10.10.24.11 : uH Networking Device Unidentified cmdb ci netgear Approved 10.10.24.11 
Unidentified 
Networking Devi 

O 238153126 192.168.1.1 S aies evice/ Networking Device Wireless Access Point cmdb_ci_wap_network Approved 192.168.1.1 
Wireless Access Point 

O (empty) 64.41.200.230 (empty) 

O 238333087 192.168.1.15 Printers / Inkjet Printers Inkjet cmdb_ci_printer Approved HP001B7866DF2E 

O 207971384 1 10.128.0.9 Virtualized / Cloud Instance Virtualized Cloud Instance cmdb ci linux server Approved 

O 210985821 172.31.0.45 Computers / Unidentified Computers Unidentified cmdb_ci_hardware Approved ip-172-31-0-45 

O 211098862 13.233.127.217 Virtualized / Cloud Instance Virtualized Cloud Instance cmdb ci ec2 instance Approved H 


Save time by using auto-approval 


Enabling auto-approval of assets saves you effort and time because you won't have to 
manually approve each asset. If you enable auto-approval, none of the assets are 
displayed in the Approve Qualys Assets list. 


Failed Qualys Assets 


All of the assets imported from Qualys to ServiceNow that fail to get transformed are 
listed in the Failed Qualys Assets list. The transformation from Qualys to ServiceNow 
could fail due to criteria not being matched. For example, if you define the method to add 
data as "Identification Engine” and there is no identifier in the app. 


Qualysassets [EE (Ey Search Created v | leach — | 1 to3of3 


S q ill 


All » Transform State = Fail > CMDB table sys id is empty 
a = Qualys Asset Id = Name = IP Address = CPU Count = Asset Last Logged On User = QWEB Host Id z Queue id = Source Id = Status = Created y = Asset Most Frequent 
Search Search Search Search Search Search Search Search Search Search =Fai Search 
®© 131712289 dktp00890  11.18.124.113 1 administrator 112009413 Oebfb6081bd4941094e4fd961a4bcb94 SRC-1-US-2 Not Approved 04160214 
@ 131712295 dktp00707 — 12.35.189.139 — 1 Administrator 112008815 351ebe401b58d410a2de2fc42a4bcb0a SRC-1-US-2 Not Approved 041602:14 — 
@ (empty) dktp00923  12.7.225.14 administrator 112008569 0ebfb6081bd4941094e4fd961a4bcb94 SRC-1-US-2 Not Approved 04160233. 
Actions on selected rows... |Y 1 to3of3 
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We currently support three cloud providers: Amazon Web Services (AWS), Microsoft 


Azure, Google Cloud Platform (GCP). All your cloud assets imported from Qualys to 


ServiceNow appear in Asset Details related tables for approval after successful processing 
in Sync Queue. Let us view few examples. 


AWS 


< = Created 2020-06-04 19:47:37 


<A [NE —— — — — —  —p 


Instance ID 
Private IP Address 


Tags 


AS] AZURE | GCP 


Image ID 
Instance State 
Region Code 
Kernel ID 

Has Agent 
Private DNS 
Spot Instance 


VPCID 


Update Delete 


AWS: Staging Cloud Metadata 


Staging Open Ports (4) Staging Network Interfaces (1) Staging Volumes (4) Staging Software Instances (328) 


i-0acd516cad6acdb6b 
172.31.0.42 


Name:testAV, purpose:testforAV 


ami-03b5297d565ef30a6 
RUNNING 


ap-south-1 


false 
ip-172-31-0-42.ap-south-1.compute.internal 
false 


vpc-010083cf3502716fd 


= Staging Cloud Metadata | New | Search Provider v Search 
Y Qualys Asset = ip-172-31-37-33.us-east-2.compute.internal > Provider = AWS 
203 Q, = Provider z Instance ID = Account ID = Instance State 
i AWS E 883273722338 RUNNING 
O => 03fb1b6444bc54b2d 


Actions on selected rows... Y 


= Availability Zone 


us-east-2c 


Hostname 
MAC Address 


Public IP Address 


Account ID 
Availability Zone 
Instance Type 
Region Name 
Launch Date 

Is Qualys Scanner 
Public DNS 


Subnet ID 


Staging Cloud Metadata (1) 


= Region Code 


us-east-2 


t2.micro 


@ = 
= 
= 


ooo Update Delete 


13.234.32.13 


636123215182 

ap-south-la 

t2.micro 

Asia Pacific (Mumbai) 

2020-03-23 
false 


ec2-13-234-32-13.ap-south-1.compute.amazonaws.com 


subnet-0f45497735e183fdc 
= Instance Type = Kernel ID = Region Name = Has Agent = Launch Date = Private DNS = Is Qualys Scann 
ip-172-31-37- 
345GSGR3234 US East (Ohio) true 2019-05-02 33.us-east- false 


2.compute.internal 
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false 


1 tolofl 


Qualys CMDB Sync Service Graph Connector 
Syncing 


Microsoft Azure 


< = Created 2020-06-04 19:47:37 


Provider AZURE 


Hostname 
Instance ID MAC Address 00-22-48-00-22-38 
Private IP Address 10.0.1.11 Public IP Address 51.140.255.143 
Tags OS:Windows 10 


| Aws| AZURE [ecr 


Virtual Machine Name TAM-Demo-VM-06 Virtual Machine ID b5cb03f1-cbcb-427f-8957-20aef4385519 


Virtual Machine Size Standard_A2_v2 Virtual Machine State RUNNING 


Virtual Machine Subnet TAM-Demo-Subnet-UKWest Subscription 1D 30293558-9706-4c17-863a-016e35462650 
Image Publisher MicrosoftWindowsDesktop Image Version latest 
Image Offer Windows-10 Location ukwest 
OS Platform Windows Resource Group Name TAM-Demo-RG-EMEA 
Update Delete 


Microsoft Azure: Staging Cloud Metadata 


| Staging Open Ports (16) | Staging Network Interfaces (2) | Staging Volumes (4) | Staging Software Instances (78) | Staging Cloud Metadata (1) 


= Staging Cloud Metadata QE Search Provider w | Search 
S7 Qualys Asset = WINHQAZIOC10 
203 a = Provider = Instance ID = Account ID = Hostname = Availability Zone = Image ID = Project ID = Private IP Address 


(| [8 10.0.1.11 


Actions on selected rows... |v 


l|tolofl » pp» 


= Public IP Address = Virtual Machine ID = Launch Date 
b5cbo3f1-cbcb-427f- 
51.140.255.143 
8957-20aef4385519 
1 tolof1 
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d? Ro Update Delete À | 


Hostname demo-gcp-uel-centos-7-private.c.gcp-qualys-demo.internal 
Instance ID 2192482258772071952 MAC Address 42:01:0a:00:00:08 


Private IP Address 10.0.0.8 Public IP Address 


Tags 


gcp-qualys-demo 579051502736 
custom-1-1024 demo-gcp-vpc-networks-us 


us-east1-d RUNNING 


GCP: Staging Cloud Metadata 


| Staging Open Ports (4) | Staging Network Interfaces (1)| Staging Volumes (4) Staging Software Instances (357) Staging Cloud Metadata (1) 


= Staging Cloud Metadata [EZ] Search ^ Provider v | Search 44 4 1| tolofi >» »» El 


+ Qualys Asset = demo-gcp-uel-centos-7-private 


203 a = Provider = Instance ID = Account ID = Hostname = Availability Zone = Image ID = Project ID = Private IP Address = Public IP Address = Virtual Machine ID = Launch Date 


2192482258772071952 
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Advanced Configuration 


The Advanced Configuration tells you about various pre-defined configurations and steps 
to customize them to your need. 


In Summary 


App Scheduled Jobs - List of all scheduled jobs. Update or change the frequency of 
scheduled jobs as per your needs. 


Transform Maps - Use transform mapping to map source and destination fields 
dynamically. Use predefined Transform Maps. 


Computer - CI Class Mappings - Provides pre-defined class mappings to identify source 
assets. 


Qualys Category - Hardware Device CI Mappings - Provide pre-defined class mappings for 
hardware related fields. 


Application Log - All log entries related to the important activities in Qualys App. 


App Scheduled Jobs 
All of the App Scheduled Jobs are listed under Advanced > App Scheduled Jobs. 


= Scheduled Jobs | New | Search Name v 1 tol0of10 


Y All» Application = Qualys CMDB Sync Service Graph Connector > Class = Scheduled Script Execution 

203 a = Name A = Active = Class = Updated 
G Auto Approval Processor true Scheduled Script Execution 02-Sep-20 02:09:30 
© Auto Approval Processor2 true Scheduled Script Execution 02-Sep-20 02:09:54 
(i) Download Processor true Scheduled Script Execution 02-Sep-20 02:10:22 
Gi) Download Processor 2 true Scheduled Script Execution 02-Sep-20 02:11:18 
G) Download Processor 3 true Scheduled Script Execution 02-Sep-20 02:11:33 
© Fetch Qualys Asset Groups Schedule true Scheduled Script Execution 02-Sep-20 02:11:51 
© Fetch Qualys Asset Tags Schedule true Scheduled Script Execution 02-Sep-20 02:12:14 
© Qualys Sync Queue Cleanup Job true Scheduled Script Execution 02-Sep-20 02:12:32 
© Qualys Terminate Schedule Logs true Scheduled Script Execution 02-Sep-20 02:12:48 
(1) Uploader true Scheduled Script Execution 02-Sep-20 02:13:16 


We support the following App Scheduled Jobs. The function and frequency of execution of 
each job is described. However, you can always update or change the frequency of 
scheduled jobs as per your needs. 
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Auto Approval Processor - Checks the records to know which schedule does it belong to 
and processes it further. Only records that have auto-approval enabled are processed by 
the Auto Approval Processor. 


Download Processor - Picks the records of type Download with Queued status from sync 
queue and parses the XML. The number of records to be picked in a batch 1s defined by the 
Size of Download batch setting in Properties section. Currently, we support three 
download processors that work in parallel to fasten the process. 


Fetch Qualys Asset Groups Schedule - By default, this schedule 1s executed once daily. 
Once executed, it syncs all of the Asset Groups in Qualys Cloud Platform for use within 
the App. You may run this more than once a day if you generate Asset Groups in Qualys 
Cloud Platform frequently. 


Fetch Qualys Asset Tags Schedule - By default, this schedule is executed once daily. Once 
executed, it syncs all of the Asset Tags in Qualys Cloud Platform for use within the App. 
You may run this more than once a day if you generate Asset Tags in Qualys Cloud 
Platform frequently. 


Qualys Sync Queue Cleanup Job - Clears the Sync Queue records with SUCCESS status 
(older than 30 days) and records with 'ERROR' status (older than 60 days) on daily 
schedule. 


Qualys Terminate Schedule Logs - Maintains a log of the transactions that are 
terminated due to exceeding the time required to execute the transaction. 


Uploader - Picks the records of type Upload with Queued status from Sync Queue and 
sends it to Qualys. 
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A transform map is a set of field maps that determine the relationships between fields in 
an import set and fields in an existing ServiceNow table. The transform map is used only 


for field mapping purposes. 


= Table Transform Maps | New Search Order Y | Search 


Y All > Application = Qualys CMDB Sync Service Graph Connector 


207 a = Name = Source table = Target table 


Qualys Asset Inventory IP 


1 tol12o0f12 


= Run business rules = Order A = Active = Updated 


. : 23-Mar-20 
O mport IP Address [x_qual5_itam_nwapp_import_ip_address] P Address [cmdb ci ip address false 100 true n agile 
Address TM 06:59:59 
Qualys Asset Inve - 23 0 
© = i mport Open Ports [x_qual5_itam_nwapp_import_open_ports] Open Ports [x_qual5_itam_nwapp_open_ports] false 100 true = pi m: 
Open Ports TM 06:01:59 
Qualys Asset Inventory mport Serial Numbers . 24-Mar-20 
© — = | E i Serial Number [cmdb_serial_number] false 100 true pibe 
Serial Numbers TM x qual5 itam nwapp import serial numbers] 03:21:03 
Jualys Asset Inventory mport Network Adapter . 23-Mar-20 
O Qualys Asset Inventory P "S P q Network Adapter [cmdb ci network adapter] false 100 true A E 
Network Adapter TM x qual5 itam nwapp import network adapter] 06:05:56 
O Qualys Asset Inventory mport Qualys Hardware Details Additional Hardware Details fal 100 t 29-Mar-20 
alse 00 true 
Hardware Details x qual5 itam nwapp import qualys hardware details x qual5 itam nwapp qualys hardware details . 00:48:27 
Qualys Asset Inve Fil : SES 3-Mar-20 
© Qualys Asset Inventory Eile mport File System [x_qual5_itam_nwapp_import_file_ system] File System [cmdb ci file system] false 100 true TRO 
System TM 06:01:20 
Qualys Asset Inventory a " E 25-Mar-20 
O —— V— mport Computer [x qual5 itam nwapp import computer] Computer [cmdb ci computer] false 100 true Bh 
Computer TM 00:16:29 
Qualys Asset Inventory OS mport Qualys OS Details ; : 24-Mar-20 
© = = - C P : ] OS Details [x qual5 itam nwapp qualys os details] false 100 true 
Details TM x qual5 itam nwapp import qualys os details 04:02:11 
Qualys Asset Inventory mport Software Instance = : 24-Mar-20 
© A ni 7 . Software Instance [cmdb software instance false 100 true E S 
Software Instance TM x_qual5_itam_nwapp_import_software_instance 05:21:13 
© Qualys Asset Inventory mport Software Details Additional Software Details fal 100 t 24-Mar-20 
Res alse rue 
Software Details TM x qual5 itam nwapp import software details] x qual5 itam nwapp qualys software details] zs 04:11:55 
O Qualys Asset Inventory Import Qualys Asset Details Qualys Asset Details fal 100 28-Mar-20 
alse 00 true 
Jualys Asset TM x qual5 itam nwapp import qualys asset details x qual5 itam nwapp qualys asset det 7 23:34:48 
Qualys Asset Inve c : . Mar-20 
@ Qualys Asset Inventory label [x qual5 itam nwapp import qualys processors] Processors [x qual5 itam nwapp qualys processors] false 100 true Sisi 
Processors TM 04:15:37 


Use transform mapping to map source and destination fields dynamically. You could 
easily use the predefined Transform Maps or create one to suit your need. 


Qualys Pre-defined Transform Map 
Qualys Asset Inventory IP Address Transform Map 


Type of Asset Information Affected 
IP Address 


Qualys Asset Inventory Open Ports Transform Map 


Open Ports 


Qualys Asset Inventory Serial Numbers Transform Map 


Serial Number 


Qualys Asset Inventory Network Adapter Transform Map 


Network Adapter 


Qualys Asset Inventory Hardware Details 


Additional Hardware Details 


Qualys Asset Inventory File System Transform Map 


File System 


Qualys Asset Inventory Computer Transform Map 


Computer 


OS Details 


Qualys Asset Inventory OS Details Transform Map 


Software Instance 


Qualys Asset Inventory Software Instance Transform Map 


Qualys Asset Inventory Software Details Transform Map 


Additional Software Details 


Qualys Asset Inventory Qualys Asset Transform Map 


Qualys Asset Details 


Processors 


Qualys Asset Inventory Processors Transform Map 


Learn more 


Please refer to the ServiceNow documentation to learn more about transform maps. 
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We have pre-defined tables that contain set of records with matching rules. The rules are 
defined using single or multiple attributes to uniquely identify source assets. The rules 
form the criteria to identify the assets to be picked from the source and then added to 
target CI classification. 


The fields that could be mapped directly with the ServiceNow tables got listed in the 


classified tables. The custom fields that could not be directly mapped with the existing 
ServiceNow tables are listed in the related tables. 


= Computer CI Mapping Rules EP Search 


M Al Deprecated - false 


= Name À 


AIX Server 


Alteon 


Citrix Netscaler 


ESX Server 


HPUX Server 


Hyper-V Server 


IBM Mainframe 


IBM zOS Server 


Linux Server 


Load Balancer 


OS/X Server 


Server 


Solaris Server 


UNIX Server 


Virtualization Server 


O0o00000000000000920/^? 


Windows Server 


Actions on selected rows. v 


Classified Tables 


Name 


E 


= Rule 


os name-aix^os category 2-server^EQ 

os publisher-Radware^os product name-Alt... 
os publisher-IBM^os category 2-Netscaler^EQ 
os category-hypervisor^os product name-t... 
os product name-HP-UX^os category 2-serv.. 
os category-hypervisor^os product name-H... 
os publisher-IBM^os category 2-mainframe^EQ 
os publisher-IBM^os product name-z/os^EQ 
os category-linux / server^EQ 

hardware category 2-Server Load Balancer^EQ 
os publisher-IBM^os product nameLIKEOS/^EQ 
os category 2-server^EQ 

os product name-solaris^os category 2-se... 
os name-unix^os category 2-server^EQ 

os category-hypervisor^os category 2-ser.. 


0s category-windows / server^EQ 


= Target Ci Class 


AIX Server [cmdb ci aix server] 


Alteon [cmdb ci Ib alteon] 


Citrix Netscaler [cmdb ci Ib netscaler] 


ESX Server [cmdb ci esx server] 


HPUX Server [cmdb ci hpux server] 


Hyper-V Server [cmdb ci hyper v. server] 


IBM Mainframe [cmdb ci mainframe] 


IBM zOS server [cmdb ci ibm zos server] 


Linux Server [cmdb ci linux server] 


Server [cmdb ci server] 


OS/X Server [cmdb ci osx server] 


Server [cmdb ci server] 


Solaris Server [cmdb ci solaris server] 


UNIX Server [cmdb ci unix server] 


Virtualization Server [cmdb ci virtualization server] 


Windows Server [cmdb ci win server] 


= Priority 


1 tol6ofl6 


= Active 


200 true 


l  tol6ofl6 


The classified table includes the mapping of source fields with target fields that are 


recommended/used by ServiceNow. 


€ — Computer CI Mapping Rule 
— record 


Name 
Active 
Deprecated 
Rule 
Table 
Rule 
Submit 


Windows Server Sample 


Qualys Assets [x qual5 itam nwapp qualys assets] 


Add Filter Condition 


Hardware Manufacturer 


Add "OR" Clause 


v 


starts with 


Priority 


Target CI Class 


v sample 
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Windows Server [cmdb_ci_win_server] v 


c 
P À + ooo 
.— 


Submit 
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Each column of the categorized CI class mappings is listed below: 
Name: The pre-defined name given by Qualys to the CI class mapping. 
Rules: The rule that forms the criteria to select the assets from the source table (Qualys). 


Target CI Class: The name of the destination/target table (defined by ServiceNow) on the 
production environment where the data should be inserted. If you want change 
destination table, you can change the target CI class for the corresponding source field. 


Active: The status of the mapping indicating if the current mapping is active or not. True 
indicates mapping being active. 


Priority: The priority decides the sequence in which the mappings should be acted upon. 
In case of multiple mappings for similar fields, the mapping with lowest number gets 
higher priority. For example, if there are two mappings with priority 50 and 100. The 
mapping with priority 50 gets higher precedence than 100. 


For detailed list of field mappings for classified tables, refer to the Classified Tables. 


Computer CI Class Mapping for Custom Fields 


Let us see an example of creating custom fields mapping based on the hardware 
manufacturer for Windows server. 


Click New and the blank form to create a new record for CI class mapping is displayed. 


= Computer Ci Mapping Rule — uu 

<== New record e = ‘°° | Submit 

Name Windows Server Sample Priority 

Active Target CI Class Windows Server [cmdb ci win server] Y 

Deprecated 

Rule 

Table Qualys Assets [x qual5 itam nwapp qualys assets] 

Rule Add Filter Condition || Add "OR" Clause 

Hardware Manufacturer v starts with v sample AND OR SE 


Submit 


1. Provide a name for the record you want to create. For example, Windows Server Sample 
as we are creating mapping for Windows server. 


2. Select the Active check box to activate the mapping you create. If the check box 1s clear, 
it indicates that the current mapping will not be used for inserting data in production 
table of ServiceNow. 


3. Define the priority for the mapping. For highest precedence, use the lowest number in 
priority. 


4. Select the Target CI Class table from the pre-populated list. The table you choose forms 
the destination table for the mapping. 


5. Define the rule that would form the criteria to choose the source assets to be picked and 
mapped. You could form a rule using single or multiple attributes and filters. 
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Click Submit to complete the mapping process. 


Qualys Category - Hardware Device CI Mappings 


Similar to Computer CI Class mappings, we have pre-defined tables that contains set of 
records with matching rules for hardware related fields. The rules are defined using two 
attributes to uniquely identify source assets. If an asset meets the attributes that match 
the attributes listed in category 1 and category 2, only then the source asset is moved to 
the target CI classification table. 


Note: The Computer CI Class Mappings has precedence over hardware devices CI 
mappings. 


For detailed mappings, see Hardware Data Mappings and Cloud Data Mappings sections. 


Related Tables for Custom Fields 


The custom fields that could not be accommodated in the classified tables are listed in 
separate tables called as related tables. 


If you are using custom table that includes custom fields (excluding pre-defined fields), 
you need to create new mappings record to match the customizations. 


Note: We do not recommend that you edit the mappings we provide in the related tables 
as it could lead to mismatch of the data and result it Identification Engine discarding the 
data. 


How to identify and view related table entries in out of the box table entries 
1. Open the CMDB Table Record Entry (cmdb. ci computer.list). 
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2. On the top grey bar, right-click and choose Configure » Related lists from the menu. 


Configuration 


Security Rules 
OS Domain Business Rules 
Operating System Windows Vista Client Vista(6.0) Business v Client Scripts 
OS Address Width (bits) — None — UI Policies 
Data Policies 
UI Actions 
Notifications 


6.0 


Dictionary 


4. Select the required column names from Available and then click the » (Add) button to 
Selected check box and then click Save. 


< Configuring related lists on Computer form Cancel 


Available Selected 


.NET Application->Duplicate Of Network Adapter->Configuration Item 
A10 Load Balancer->Duplicate Of File System->Computer 
Accessory->Duplicate Of Software Installed 

ACE->Duplicate Of Serial Number->Configuration Item 
ACL Endpoint->Duplicate Of Qualys Asset Details->Reference Cl 
Active Directory Domain Controller->Duplica Additional Hardware Details->Reference CI 
Active Directory Domain Controller->Provide Open Ports->Reference Cl 

Active Directory Domain to Domain Controll: OS Details->Reference Cl 

Active Directory Forest Endpoint->Duplicate 

Active Directory Service->Duplicate Of 

ActiveMatrix Business Works Process->Dupli 

ActiveMatrix Business Works->Duplicate Of 

AD Domain->Duplicate Of 

AD Domain->Provided by 

AD Forest->Duplicate Of 

AD Forest->Provided by 

AD Service inc->Duplicate Of 

Additional Cloud Details->Reference Cl 

Additional Software Details->Reference Cl 


Cancel [ETE 


View name: Default view 


Related Links 
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You can then view the details for the added columns in Related Links section. 


Related Items 


a Search for Cl 


(o Runs on - Virtual Machine Instances 
© EP [L1] HQWIN12R2RD27 


Update Delete 


Related Links 
Subscribe 


Network Adapters (1) Storage Devices File Systems (2) Software Installed (51) Running Processes Serial Numbers (1)  CIIPs(13) DNS Names for Cis Memory Modules TCP Connections Qualys Asset Details (1) Qualys Assets (1) 


Network Adapters MM Search Name v | Search 


Y Configuration Item = HQWIN12R2RD27 > Status != Absent 


= Name A = IP Address = Netmask = DHCP Enabled 


00:50:56:AA:38:81 10.115.76.186,fe80:0:0:0:250:56ff:feae:1... 255.255.255.0 false 


Actions on selected rows... v 


Application Log 


Log entries are listed under Advanced > Application Logs. 


= App Log | New | Search Created v 


Y All > App Scope = Qualys CMDB Sync Service Graph Connector > Created > 07-Sep-20 03:59:59 


e 


Search 


= Level = Message 


1.0.0 | approveAssets | Asset (248446067) failed to Auto Approve using Identification 


Error 
Engine. 


Engine. 


1.0.0 | approveAssets | Asset (248446067) failed to Auto Approve using Identification 
Engine. 


1.0.0 | approveAssets | Asset (248446067) failed to Auto Approve using Identification 


O -Sep-20 1.0.0 | approveAssets | Asset (248446067) failed to Auto Approve using Identification 
© Engine. 


O - 1.0.0 | approveAssets | Asset (248446067) failed to Auto Approve using Identification 
:03: Engine. 


Logged activities include: 


= MAC Address 


= Mac manufacturer 


00:50:56:AA:38:81 (empty) 


1 to 20 of 1,788 


= App Scope 


Qualys CMDB Sync Service 
Graph Connector 


Qualys CMDB Sync Service 
Graph Connector 


Qualys CMDB Sync Service 
Graph Connector 


Qualys CMDB Sync Service 
Graph Connector 


Qualys CMDB Sync Service 
Graph Connector 


> >> 


= Source Script 


Script Include: 


Script Include: 
QualysAppUtil 


Script Include: 


- API Response. For example, when you click Test Connection and if the account does not 


have access to Global IT Asset Inventory module. 


- Schedule Lifecycle (Start, Run, and Finish) 


- Lifecycle of Download Processor and Upload Processor (Start, Run, and Finish) 


- Asset Approval type (Manual or Auto Approval) 
- Fetching Asset Tags and Asset Groups 
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View Reports 


Go to Qualys CMDB Sync Service Graph Connector App » Overview. The Overview page 
displays a consolidated view of all the reports. If you view this page before syncing the 
assets, it may display all values as zero. 


servicen WW. Service Management [ -J Or ce (O) YOR 


G9 X O 


Add content s Change Layout 
(Q) Qualys Overview 


Qualys CMDB Sync Service Graph Connector 


Synced Qualys Assets Approved Qualys Assets Pending Qualys Assets Failed Qualys Assets 
1,129 7,129 O 0 


Asset Categories OS Distribution EOL Operating Systems 


8k 5 


Qualys Assets Count 


Qualys Assets Count 

. N w > 
a erstens 
[t| 
cT | 
Ea 
E 
¡| 
E 
mum 
gez 
Eu 
NES 


o 


x A e K o E 
inux = 4,927 (63.75%) A V ad oom Qr us 
nidentified — 2,264 (29.2996) a x < © S XS 
indows = 220 (4 14%) Oo 


2 
1/6 V SU y > 


Application Categories Application Publishers Database Distribution 


5 

4 

3 

2 

n" j 

S Se s $ o 

S © 7 ST gs 

S 3s e y 
je E S e au Ss 
< " SEI 
SOS 


Additional Software Details Count 
Additional Software Details Count 


M Google = 265 (16.49%) 
B Mi 


$ 
Microsoft = 173 (10.77%) 
A 54%) 


SS SS 
D e 2 Á 
S S > uw 
S 3 
E & ww NA 7 o 
> 
AS 


E e 
i pe 
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250 
200 
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100 
50 
o 
e 

SS 


Su 
> > 
à e 
E QS e 
* o S M Facehook = 
AS 
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Note: From v1.3.1, to populate the data in the Application Categories, Application 
Publishers, Database Distributors, Software Lifecycle Stage, Software Distribution, EOL 
Applications widgets, and Additional Software Details table 1s being used. If you have not 
enabled Software Catalog Syncing to CMDB tables, then data in these widgets will not 
populate. 


When the Overview page is launched for the first time, you see a list of 10 default reports. 
However, the reports can be customized based on your preference. For more information, 
see, Customize Overview Page. 


Types of reports that you can configure: 


Report Name Description 


Qualys Assets Reports 


Approved Qualys Assets The Approved Qualys Assets report lists the assets auto/manually 
approved. This number is listed on the production table. 


Asset Categories The Asset Categories report gives a clear picture of the various types 
of assets across your organization. The chart is a diagrammatic 
representation of the asset categories. Click the bar to view additional 
details about the respective asset category. 
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Description 


The End of Life (EOL) Operating Systems report gives a clear picture of 
the various types of operating systems with the end of life across your 
organization. The chart 1s a diagrammatic representation of the 
operating systems. Click the bar to view additional details about the 
respective operating system. 


Failed Qualys Assets 


The Failed Qualys Assets lists the number of assets that are not 
transformed into the CMDB table. 


Hardware Manufacturers 


The Hardware Manufacturers report gives a clear picture of the 
various manufacturers of hardware across your organization. The 
chart is a diagrammatic representation of the hardware 
manufacturers. Click the slice to view additional details about the 
respective manufacturer. 


OS Distribution 


Pending Qualys Assets 


The OS Distribution report gives a clear picture of the operating 
systems installed on the assets across your organization. The chart is 
a diagrammatic representation of the operating systems. Click the 
slice to view additional details about the respective operative system. 


The Pending Qualys Assets report lists the assets which are not 
approved. 


Synced Qualys Assets 


The Synced Qualys Assets report lists the assets synced from Qualys 
to ServiceNow. 


Software Report 


Application Categories 


Application Publishers 


The Application Categories report gives a clear picture of the various 
types of applications installed on the assets across your organization. 
The chart is a diagrammatic representation of the various 
applications. Click the bar to view additional details about the 
respective application category. 


The Application Publishers report gives a clear picture of the various 
publishers of the application installed on assets across your 
organization. The chart is a diagrammatic representation of the 
publishers. Click the bar to view additional details about the 
respective publisher. 


Database Distribution 


End of Life Application 


Software Distribution 


The Database Distribution report gives a clear picture of the various 
types of the database used across your organization. The chart is a 
diagrammatic representation of the database distribution. Click the 
bar to view additional details about the respective database type. 


The End of Life (EOL) Application report gives a clear picture of the 
various types of applications with end of life across your organization. 
The chart is a diagrammatic representation of the Application. Click 
the bar to view additional details about the respective operating 
system. 


The Software Distribution report gives a clear picture of the various 
types of software used across your organization. The chart is a 
diagrammatic representation of the software distribution. Click the 
bar to view additional details about the respective database type. 


Software Lifecycle Stage 


The Software Lifecycle Stage report lists the lifecycle stages of 
applications. Example: GA, EOL/EOS. 
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Customize Overview Page 


You can add or remove the reports from the Overview page. 


Add a Report 


Click on Add content, the Add content pop-up appears. Select one of the following options 
to add reports: 


-To add Qualys Assets reports: Select Reports from the first column, Qualys Assets from the 
second column and in the third column, select the required report from the displayed list. 


Add content 


a Ogqualys a 
<Favorites> Qualys Asset Tags Approved Qualys Assets 
Asset Categories 
Performance Analytics Assets awaiting approval 
Interactive Filters EOL Operating Systems 
Content Blocks Failed Qualys Assets 
Gadgets Hardware Manufacturers 
CMDB Group Widgets OS Distribution 
CMDB Service Widgets Pending Qualys Assets 
CMDB Widgets Synced Qualys Assets 
Financial Management bé 
Asset Categories = 
30k 
25k 
20k 
E 
8 
15k 
+ 5| 
o 
a 
= 
10k m 
Add here Add here Add here Add here 
Add here Add here Add here 
Add here Add here Add here 


-To add Software reports: Select Reports from the first column, Staging Master Software 
from the second column and in the third column, select the required report from the 
displayed list. 


Add content 


a Ogtaging a 

<Favorites> Application Categories 

Reports Application Publishers 

Performance Analytics Database Distribution 

Interactive Filters EOL Applications 

Content Blocks 
Gadgets Software Lifecycle Stage 


CMDB Group Widgets 

CMDB Service Widgets 

CMDB Widgets 

Financial Management m 


Software Distribution 


2750 


2500 


2250 


2000 


1750 - 

Add here | Add here | Add here l Add here 
Add here | Add here | Add here 
Add here | Add here | Add here 


Once you select the required report, click one of the Add here options. The 10 Add here 
options indicate different locations where you can add the report on the Overview page. 
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Remove a Report 


To remove a report from the overview page, click on the close + option. Once you delete 
the report, you cannot undo the process. To add the same report again, see Add a Report. 


OS Distribution 


M Linux = 42,294 (63.48%) B Mac = 19,619 (29.45%) 
Ml Unix = 4,337 (6.51%) S windows = 286 (0.43%) 
E Unknown = 91 (0.14%) Bl unidentified = 1 (0%) 


Refresh Overview page 


To refresh all the reports on the Overview page at a fixed interval, click on the Homepage 
Settings # icon and select the required Refresh interval. 


Create Dashboard Version 


Refresh interval 
e Off 
5 minutes 
15 minutes 
30 minutes 


1 hour 


Delete page 
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Debugging and Troubleshooting 


Here are scenarios that will help you debug certain common issues. 


How to debug 


In case of any unexpected application behavior one should check the application logs. 
The application log has four different levels of logging: Information, Error, Warning, Debug 


The application writes log entries after important transitions. For example, Schedule run, 
on click of test connection to API Server | Qualys CMDB Sync Service Graph Connector App 
> Advanced > Application Log] 


Observed Issues 
Scenario: Sometimes clicking on 'Test Connection" gives 'error' response to user. 
Workaround: Check the error message. 


- Try to repeat the "Test Connection a couple more times (if all input parameters are 
correct then success message is displayed and the validation state will change to 
validated.) 


- One can get the error message under 'Schedule Logs for related entries in schedule 
record. 


- If no valid error is displayed (i.e. you are sure that the credentials are correct but API 
reported “unauthorized”), try again after some time. If error persists, contact Qualys 
Support. 


Scenario: When Download processor takes too much time to process 
Workaround: Go to Properties and lower the Size of Download batch. 


Scenario: Download Processor failed to process Sync Queue record(s) 


Workaround: This may leave the corresponding Sync Queue entry in Error state and the 
error details can be verified from Processing Notes/Message’ 


User should manually change the status back to 
- Queued , and reset the Processor GUID if user wants to process that response again. 


If you reprocess any response, it will not lead to duplicate data, as application checks 
whether the record already exists in staging tables before inserting. 


- ‘Error’, if user does not want to process it again. 


Scenario: Failed to approve asset using Identification Engine/Invalid Update 


This error 1s displayed when the application finds some error with Identification and 
Reconciliation APIs. 
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To verify the issue, you can to navigate to Failed Qualys Assets > Open the asset record 
and see the Notes section. This section contains the detailed error response, as received 
from Identification and Reconciliation API. 


Scenario: Sometimes it is observed that ‘approving’ manually multiple assets gives 
‘Transaction Timeout’ by ServiceNow 


Workaround: 
- In such case there 1s no data loss observed in asset transformation 


- To overcome transaction timeout error, it is recommended to use ‘Auto Approval’ in 
schedule 


Scenario: Duplicate entries found in cmdb_ci_computer for assets which were synced 
from ServiceNow to Qualys, scanned and then synced back from Qualys to ServiceNow 


Workaround: 
- If the user has added only IP address for the asset in the cmdb, ci computer table 
Reason: Name is a mandatory parameter for ServiceNow IRE mechanism. 


- If user added both name (any dummy name) and IP Address for the asset in 
cmdàb. ci, computer table 


Reason: After scanning the asset, the name discovered during the authenticated / 
unauthenticated scan and the dummy name that was provided could be different. 


Note: There would be no duplicate entry in cmdádb. ci computer if the name is exactly 
same for the asset before sending the data from ServiceNow to SericeNow 


Anticipated Issues 


- [tis quite frequent to have error in opening/viewing attached ‘response.xml’ from sync 
queue records. Those response.xmls are considered as incomplete. 


List of expected failure modes 

- Qualys API server is undergoing maintenance/downtime 

- Qualys subscription expired 

- User credentials used are incorrect 

- User credentials are correct, but user has no Qualys App subscription from Qualys 


Number Mismatch Between Staging and Production Tables: Assets 


Assets with the Same Name: If there are multiple assets with the same name. after 
approval of the production class, not all will be added as separate records. The first asset 
which 1s approved gets added as a separate record. All the other assets with the same 
name get approved, but the IRE version updates the same record. However, the same 
record may contain multiple values for the same fields. 


The discrepancy is observed in the following scenarios: 
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-Assets discrepancy could be there in the production table if the assets have the same 
names 


Cause: IRE version uses a name to identify the CI class. Name is a mandatory parameter 
for transformation. 


Number Mismatch Between Staging and Production Tables: Software 


IRE version needs a software name and version of the data being transformed. Name is a 
mandatory parameter for transformation. For example, if the software has no 
Name/Version: The software without a name doesn't make any sense, The Software (OOB 
table) uses a 'key' attribute consisting of name and version. 


For example, the software has the same name and the version number in the staging area. 
In such a case, duplicate entries may be created. Check the application log. Skipping 
duplicate entry 


Field name missing in production tables 


If you notice few fields that exist on Qualys UI or API response, but cannot locate it in 
ServiceNow out of box (OOB) tables. Cause: Mapping for such fields may not exist. For a 
complete list of mappings, refer to Field Mapping for Tables. If field mappings do not exist 
in the OOB tables, then such fields are not transformed into production tables. For 
example, the 'hostname' for network adapter exists in the staging table but missing from 
the production table (cmdb. ci network adapter). Cause: The cmdb ci network adapter 
table does not have a mapping for the hostname field. Hence the field value is not 
available in the production table. 


Truncated Value 


If the field value exceeds the field limit then the value may get truncated. The application 
does not update any of the OOB table structures: like field value lengths. 


Common Questions 


Can user add data to ServiceNow app from different Qualys servers? 


Yes, user can add asset data from different Qualys PODs. User needs to create different 
API Sources and Schedules as per Qualys servers. 


What are Upload and Download type records in Queue? 


It can be easily differentiated by Type field available in the table. For Downloading data to 
ServiceNow app (i.e syncing assets from Qualys to ServiceNow) Type will be Download. For 
Uploading data to Qualys (Syncing assets from ServiceNow to Qualys servers) Type will be 
Upload. 

Where can | find Assets which failed to transform in ServiceNow table? 


You'll find these assets in Failed Qualys Assets. Users can then approve these assets again. 
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How to customize the related table rules for transformation 


Let's consider an example where we want to transform assets to the production table for 
assets with certain hardware details. The default settings, the assets will fail to approve 
due to related entry rules. 


In such scenarios, execute the following steps to approve assets depending on the 
hardware details. 


1. Open the Related Entry table (cmdb. related entry. list). 


2. Search for the appropriate table entries (for example, hardware details in related table 
column search field or any preferred method of searching). 


3. Modify the entry details. You could do either or both the steps listed depending on the 
criteria and result that you want to achieve.: 


- Allow null attribute from ‘false’ to true [If you want to allow hardware details with 
hardware full name’ as null / empty (as our criterion attribute’ is 'hardware full name?) 


- Modify entry from Active to False to uncheck the rules for transforming the assets. 


Why do | view timestamps in GMT for schedules despite configuring a different 
timezone? 


In the schedule scripts, we use ServiceNow's new 
GlideDateTime().getDisplayValueInternal(); function to update the schedule 

last run timestamp. When this object is directly instantiated and used (e.g. in scoped 
application background script), it returns time in GMT, irrespective of the timezone 
configured for user under whom this script runs. That's how it is designed. 


Also, since ServiceNow does not allow scoped applications to set the timezone, the app 
cannot do that on behalf of the user who created the schedule. However, the time value 
you see on the UI is shown in the user set timezone - even if you set GMT date-time in this 
column. When the schedule runs next time, it fetches value in GMT, and not the one you 
see on UI. That may lead to confusion, and log entries show time in GMT, for this reason 
we recommend that the ServiceNow users set their time to GMT. 


The Schedules I defined pulled the data accurately till yesterday. But, today, the same 
schedule is unable to fetch any assets or related data. 


Check your application logs. The reason the schedules are unable to fetch assets 1s 
because either your trial period or your subscription has expired. Contact your TAM to 
extend your subscription. Once you have an active subscription, you need to activate your 
API Source and the schedules will fetch the assets. 


If an asset is purged from Qualys, what will its status be in ServiceNow CMDB? 


The asset purged from Qualys will not automatically be purged in ServiceNow CMDB. The 
asset must be manually purged from ServiceNow. 


No related file system details for Cls other than Computer and it's child CI classes 


Depending upon CIs and their dependent relationship, the file system is available only for 
Computer and it's child classes. 
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Known Issues 
Here are a few known issues/limitations in the CMDB Sync Service Graph Connector App: 


- The widgets Application Categories, Application Publishers, Database Distributors, 
Software Lifecycle Stage, Software Distribution, and EOL Applications are not populating 
due to changes in the Software info syncing process. 


- The Business Criticality information is not getting synced while syncing Business 
Metadata from ServiceNow to Qualys for Business Application table. 
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Field Mapping for Tables 


This chapter lists the detailed field mapping (source to target) for classified as well as 


related tables. 


Classified Tables 


The classified table includes the mapping of source fields with target fields that are 


recommended/used by ServiceNow 


Asset Data Model 
Computer (SN Table) 
Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


manufacturer manufacturer 
memory ram 

bios asset tag asset tag 

os full name OS 


os update OS service pack 

os architecture os address width 

model model id 

OS version OS version 

name name 

processor cpu. counts cpu count 

processor description cpu, name, cpu manufacturer 
ip address ip address 


]processor speed 


processor speed 


Serial Number (SN Table) 
Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


bios serial number 


serial number 


hardware serial number 
«additional field» 


File System (SN Table) 


Qualys Staging Table Attributes 


serial number 
serial number type 


ServiceNow Production Table Attributes 


name name 
free size free space bytes 
total size size bytes 


Network Adapter (SN Table) 


Qualys Staging Table Attributes 
mac address 


ServiceNow Production Table Attributes 
name 
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ip address 


mac address 


mac address 


IP Address (SN Table) 
Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


lp address 


ip address 


ip address 


name 


Software Data Model 
Software Instance (SN Table) 
Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


name 


name 


install date 
<additional field> 


install date 
«Reference to cmdb ci package» 


«additional field» 


Reference to the CI the software is installed on 


ont 


Related Tables 
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The related tables list the custom field mappings that could not be accommodated in the 
classified tables. We recommend that you do not alter the mappings in the related tables. 


Asset Data Model 
Qualys Asset details 
Qualys Related Table Attributes 


ServiceNow Production Table Attributes 


asset. lastloggedonuser 


asset lastloggedonuser 


asset mostfrequentuser 


asset mostífrequentuser 


asset 1d 


qualys asset 1d 


asset uuid asset uuld 

bios description bios description 
last boot last boot 

last modified, date last modified, date 
timezone timezone 


qweb host id 


qweb. host 1d 


netbios name 


netbios name 


type 


type 


Qualys Operating System details 


Qualys Related Table Attributes 


ServiceNow Production Table Attributes 


OS category 


OS category 


os category 1 


os category 1 


os category 2 


os category 2 


os category type 


os category type 


os edition 
os lifecycle confidence 


os edition 
os lifecycle confidence 


os lifecycle eol date 


os lifecycle eol date 


os lifecycle eol support stage 


os lifecycle eol support stage 


os lifecycle eos, date 


os lifecycle eos, date 


os lifecycle eos support stage 


os lifecycle eos support stage 


os lifecycle ga 


os lifecycle ga 


os lifecycle stage 


os lifecycle stage 


os market version 


os market version 


os_name 


os_name 


os_product_name 
os publisher 


Qualys Hardware details 


Qualys Related Table Attributes 


OS product name 
os publisher 


ServiceNow Production Table Attributes 


hardware category 


hardware category 


hardware category 1 
hardware category 2 


hardware category 1 
hardware category 2 


hardware category type 


hardware category type 
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hardware lifecycle confidence 


hardware lifecycle eos date 


hardware lifecycle eos date 


hardware lifecycle ga 


hardware lifecycle ga 


hardware lifecycle intro, date 


hardware lifecycle intro, date 


hardware lifecycle obsolete date 


hardware lifecycle obsolete date 


hardware lifecycle stage 


hardware lifecycle stage 


hardware product 


hardware product 


hardware full name 


hardware full name 


Qualys Open Ports details 
Qualys Related Table Attributes 


ServiceNow Production Table Attributes 


description description 
detected service detected service 
port port 

protocol protocol 


Qualys Processors details 


Qualys Related Table Attributes 
processor cpu. counts 


ServiceNow Production Table Attributes 
processor cpu. counts 


processor description 


processor description 


processor speed 


processor speed 


Software Data Model 
Qualys Software details 


Qualys Related Table Attributes 


ServiceNow Production Table Attributes 


architecture architecture 
category category 
category 1 category 1 
category 2 category 2 
category type category type 
component component 
edition edition 

Is 1gnored Is 1gnored 

Is 1gnored reason IS 1gnored reason 
language language 

license category license category 
type type 

update update 


lifecycle ga 


lifecycle ea 


lifecycle stage 


lifecycle stage 


market version 


market version 


product 


product 


publisher 
software lifecycle confidence 


publisher 
software lifecycle confidence 
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software lifecycle eol support stage 


software lifecycle eos date 


software lifecycle eos date 


software lifecycle eos support stage 


software lifecycle eos support stage 


Hardware Data Mappings 


The details of the hardware-data mappings are listed below 


Note: ServiceNow has soft-deprecated the following classes for Qubec version: 


- Human Machine Interface |cmdb, ci hmi| 


- Manufacturing Device [cmdb_ci manufacturing] 


- Programmable Logic Controller [cmdb. ci pic] 


For more information on alternative solutions, see ServiceNow notification. 


Hardware Category1 


Hardware Category2 


Target CI Class 


Printers Laser cmáb ci printer 
Communication Devices IP Phones cmáb ci hardware 
Virtualized Container cmdáb ci computer 
Computers Point of Sale (POS) Terminal cmáb, ci pos 


Networking Device 


Wireless Access Point 


cmdáb ci wap network 


Power Conditioning 
Equipment 


Power Distribution Unit (PDU) 


cmáb ci pdu 


Wearable Devices 


Printers 


Smart Glasses 


Line Matrix Printers 


cmdb ci wearable 


cmdb_ci printer 


Networking Device 


Unidentified 


cmdb ci netgear 


Input Devices 


RFID Device 


cmdb ci iot 


Mobile Smartphone cmdáb ci hardware 
Computers Mainframe cmdáb ci mainframe hardware 
Building Automation Devices Smart Appliance emoadb.cl 10 


Power Conditioning 
Equipment 


Uninterruptible Power Supply 
(UPS) 


cmdb_ci_ups 


Industrial Networking 


Industrial Control System (ICS) 


Industrial Ethernet Switch 


Intelligent Electronic Device 
(IED) 


cmdb_ci_ip_switch 


cmdb_ci_manufacturing 


Networking Device 


Building Automation Devices 


Concentrators, Hubs, and 
Multiplexers 


BACnet Controller 


cmdb ci hub network 


cmdb ci iot 


Building Automation Devices 


HVAC Control 
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cmdb_ ci iot 


Computers 
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cmdb_ci computer 


Audio and Visual Equipment 


Portable Media Player 


cmdb ci media player 


Communication Devices 


Conferencing Equipment 


cmdb ci hardware 


Industrial Control System (ICS) 


Distributed Control System 
(DCS) 


cmdb ci manufacturing 


Audio and Visual Equipment 


Smart IV 


cmdb ci stv 


Industrial Control System (ICS) 


Human Machine Interface 
(HMI) 


cmdb ci hmi 


Wearable Devices 


Health and Activity Monitor 


cmdb ci wearable 


Field Instruments 


Sensor 


cmdb_ ci iot 


Network Security Device 


Firewall Device 


cmdb ci firewall device 


Wearable Devices 


Building Automation Devices 


Smart Footwear 


Security Camera 


cmdb ci wearable 


cmdb_ci_ security 


Networking Device 


Bridges and Routers 


cmdb cà 1p router 


Industrial Control System (ICS) 


Remote Terminal Unit (RTU) 


cmdb ci manufacturing 


Networking Device 


Other 


cmdb ci netgear 


Audio and Visual Equipment 


Media Streaming Device 


cmdb ci media player 


Building Automation Devices 


Other 


cmdb ci hardware 


Communication Devices Other cmáb ci hardware 
Computers Notebook cmdb ci pc hardware 
Wearable Devices Smart Apparel cmdb_ci_wearable 


Industrial Control System (ICS) 


Industrial PC 


cmdb_ci computer 


Printers 


Multi-Function Printer (MFP) 


cmdb_ci mfp printer 


Field Instruments 


Motion Control 


cmdb ci iot 


Virtualized 


Cloud Instance 


cmdb ci vm. instance 


Building Automation Devices 


PACnet Router 


cmdb ci iot 


Field Instruments 


Field Device Management 


cmdb ci iot 


Call Management Systems or 
Accessories 


Premise Branch Exchange 
(PBX) 


cmdb ci hardware 


Building Automation Devices 


Industrial Networking 


Leak Detection 


Industrial Wireless LAN 


cmdb ci iot 


cmdáb,. ci wap network 


Audio and Visual Equipment 


Computers 


Smart Earpiece 


Other 


cmdb. ci media player 


cmdb_ci computer 


Printers 


Building Automation Devices 


3D Printers 


Intrusion Detection and 
Access Control 


cmdb_ci printer 


cmdáb. ci security 


Networking Device 


Access Servers 
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cmdb ci server 


Field Instruments 
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cmdb ci iot 


Networking Device 


Server Load Balancer 


cmdádb ci lb 


Industrial Control System (ICS) 


Programmable Logic 
Controller (PLC) 


cmáb. ci ple 


Building Automation Devices 


Lighting and Control 


cmdb ci iot 


Computers 


Desktop 


cmdáb ci pc hardware 


Wearable Devices 


Smart Watch 


cmdb ci wearable 


Building Automation Devices 


Power and Energy Monitoring 


cmab. etor 


Networking Device 


Print Server 


cmdb ci server 


Printers 


Thermal Tape Printers 


cmàáb, ci. printer 


Networking Device 


Networking Device 


Modem 


Terminal Server 


cmdb ci modem network 


cmdb ci netgear 


Wearable Devices 


Building Automation Devices 


Wearable Camera 


Fire Safety 


cmdb ci wearable 


cmdb ci iot 


Industrial Networking 


Communication Devices 


Other 
Video Phone 


cmdb ci netgear 


cmdb ci hardware 


Industrial Control System (ICS) 


Safety Instrumented System 
(SIS) 


cmdb_ci_manufacturing 


Industrial Networking 


Industrial Media Converter 


cmdb_ci_netgear 


Communication Devices 


Answering Machine 


cmdb_ci_hardware 


Mobile 


Tablet 


cmdb ci hardware 


Communication Devices 


Keyphone System 


cmdb ci hardware 


Field Instruments 


Robots 


cmdb ci iot 


Printers 


Other 


cmdb_ci printer 


Networking Device 


Wireless Fidelity Base Stations 
Wifi 


cmáb, ci wap network 


Virtualized 


Virtual Machine 


cmdb ci vm. instance 


Industrial Networking 


Industrial Control System (ICS) 


Industrial Serial Device Server 


Other 


cmdb ci hardware 


cmdb ci manufacturing 


Printers 


Audio and Visual Equipment 


Inkjet 


Projector 


cmdb_ci_printer 


cmdb_ci_display 


Field Instruments 


Industrial Networking 


Smart Meter 


IoT Gateway 


cmdb ci iot 


cmàáb, ci iot. gateway 


Networking Device 


Industrial Networking 


Switch 


Communication Processor 


cmáb ci ip. switch 


cmdb ci netgear 


Audio and Visual Equipment 


Computers 


Smart Speaker 


Server 


cmdb ci media player 


cmdb ci server 
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Cloud Data Mappings 


Here are the details of the mappings for your cloud data. 


Cloud Asset Column ServiceNow Production Table ServiceNow Production Table 


Attributes 
AWS 
Account ID cmdb_ci cloud service account account 1d,object id 
Availability Zone cmdáb. ci availability zone object. 1d 
Image ID cmdb ci os template object 1d 
Instance ID cmdb_ci vm, instance object. id 


Instance State cmdb ci vm instance state 


Instance Type cmáb ci compute template object. 1d 

Private IP Address cmdb_ci_nic private_ip 

Public IP Address cmdb_ci_nic public_ip 

Region Code cmdb_ci_aws_datacenter object. id,region,name 
Subnet ID cmdb_ci_ cloud, subnet object. 1d 

VPC ID cmáb, ci. network object-id 

Hostname Additional Cloud Details* 


Private DNS Additional Cloud Details” 
Tags Additional Cloud Details" 


Tag Key Additional Cloud Details" 

Tag Value Additional Cloud Details" 

Microsoft Azure 

Image Offer cmdb_ci os_ template object 1d 
Location cmáb, ci availability zone object. 1d 
MAC Address cmdb_ci_nic mac_address 
Private IP Address cmdb_ci_nic private_ip 
Public IP Address cmdb_ci_nic public_ip 
Virtual Machine Name cmdb_ci_vm_instance name 
Resource Group Name cmdb_ci azure datacenter region 
Virtual Machine Size cmáb ci compute template object. 1d 
Virtual Machine State — cmáb ci vm instance state 


Subscription ID cmdb_ci cloud, service account account 1d 
Virtual Machine ID cmdb_ci vm instance object. 1d 
Tags Additional Cloud Details" 

Tag Key Additional Cloud Details" 

Tag Value Additional Cloud Details" 

Image Publisher Additional Cloud Details" 

Image Version Additional Cloud Details" 


Google Cloud Platform (GCP) 


Instance ID cmdb_ci_vm_instance object_id 
MAC Address cmdb_ci_nic mac_address 
Machine Type cmdb_ci_compute_template object_id 


ay 
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Network cmdb_ci network object. id 

Private IP Address cmab ci nic private 1p 

ProJect Number cmdb ci cloud service account account 1d, object 1d 
Public IP Address cmdb_ci_nic public_ip 

Zone cmdb_ci_availability zone object. 1d 

state cmdb_ci vm instance state 

Hostname Additional Cloud Details* 

Hostname Additional Cloud Details* 


Note: Additional Cloud Details refers to details provided by Qualys. 


Appendix 

The below table shows the mapping between ServiceNow fields and Qualys.Asset 
Metadata 

ServiceNow Field Label Qualys UI Field 

qualys asset 1d Qualys Asset ID 

name Asset Name 

company company 

created First Seen (On Connector Screen) 
department Department 

environment Environment 

ip address IP Address 

last updated Last Updated Date (On Connector screen) 
location Assigned Location 

managed by Managed By 

owned, by Owner/Custodian 

status otatus 

supported. by Supported By 

support group oupport Group 


Business App Metadata 


ServiceNow Field Label 


Qualys UI Field 


name Business App Name 
business criticality Business Cniticality 
environment environment 
managed, by Managed By 

owned, by owned, by 
supported. by Supported By 
support group support Group 


operational status 


Operational Status 
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